/* gpgme.js - Javascript integration for gpgme * Copyright (C) 2018 Bundesamt für Sicherheit in der Informationstechnik * * This file is part of GPGME. * * GPGME is free software; you can redistribute it and/or modify it * under the terms of the GNU Lesser General Public License as * published by the Free Software Foundation; either version 2.1 of * the License, or (at your option) any later version. * * GPGME is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * Lesser General Public License for more details. * * You should have received a copy of the GNU Lesser General Public * License along with this program; if not, see . * SPDX-License-Identifier: LGPL-2.1+ * * Author(s): * Maximilian Krambach */ import { gpgme_error } from './Errors'; /** * Validates an object containing a signature, as sent by the nativeMessaging * interface * @param {Object} sigObject Object as returned by gpgme-json. The definition * of the expected values are to be found in {@link expKeys}, {@link expSum}, * {@link expNote}. * @returns {GPGME_Signature|GPGME_Error} Signature Object * @private */ export function createSignature (sigObject){ if ( typeof (sigObject) !=='object' || !sigObject.hasOwnProperty('summary') || !sigObject.hasOwnProperty('fingerprint') || !sigObject.hasOwnProperty('timestamp') // TODO check if timestamp is mandatory in specification ){ return gpgme_error('SIG_WRONG'); } let keys = Object.keys(sigObject); for (let i=0; i< keys.length; i++){ // eslint-disable-next-line no-use-before-define if ( typeof (sigObject[keys[i]]) !== expKeys[keys[i]] ){ return gpgme_error('SIG_WRONG'); } } let sumkeys = Object.keys(sigObject.summary); for (let i=0; i< sumkeys.length; i++){ // eslint-disable-next-line no-use-before-define if ( typeof (sigObject.summary[sumkeys[i]]) !== expSum[sumkeys[i]] ){ return gpgme_error('SIG_WRONG'); } } if (sigObject.hasOwnProperty('notations')){ if (!Array.isArray(sigObject.notations)){ return gpgme_error('SIG_WRONG'); } for (let i=0; i < sigObject.notations.length; i++){ let notation = sigObject.notations[i]; let notekeys = Object.keys(notation); for (let j=0; j < notekeys.length; j++){ // eslint-disable-next-line no-use-before-define if ( typeof (notation[notekeys[j]]) !== expNote[notekeys[j]] ){ return gpgme_error('SIG_WRONG'); } } } } return new GPGME_Signature(sigObject); } /** * Representing the details of a signature. The full details as given by * gpgme-json can be read from the _rawSigObject. * * Note to reviewers: This class should be read only except via * {@link createSignature} * @protected * @class */ class GPGME_Signature { constructor (sigObject){ this._rawSigObject = sigObject; } /** * @returns {String} the fingerprint of this signature */ get fingerprint (){ if (!this._rawSigObject.fingerprint){ throw gpgme_error('SIG_WRONG'); } else { return this._rawSigObject.fingerprint; } } /** * The expiration of this Signature as Javascript date, or null if * signature does not expire * @returns {Date | null} */ get expiration (){ if (!this._rawSigObject.exp_timestamp){ return null; } return new Date(this._rawSigObject.exp_timestamp* 1000); } /** * The creation date of this Signature in Javascript Date * @returns {Date} */ get timestamp (){ return new Date(this._rawSigObject.timestamp * 1000); } /** * The overall validity of the key. If false, errorDetails may contain * additional information. */ get valid () { if (this._rawSigObject.summary.valid === true){ return true; } else { return false; } } /** * Object with boolean properties giving more information on non-valid * signatures. Refer to the [gpgme docs]{@link https://www.gnupg.org/documentation/manuals/gpgme/Verify.html} * for details on the values. */ get errorDetails (){ let properties = ['revoked', 'key-expired', 'sig-expired', 'key-missing', 'crl-missing', 'crl-too-old', 'bad-policy', 'sys-error']; let result = {}; for (let i=0; i< properties.length; i++){ if ( this._rawSigObject.hasOwnProperty(properties[i]) ){ result[properties[i]] = this._rawSigObject[properties[i]]; } } return result; } } /** * Expected keys and their value's type for the signature Object * @private */ const expKeys = { 'wrong_key_usage': 'boolean', 'chain_model': 'boolean', 'summary': 'object', 'is_de_vs': 'boolean', 'status_string':'string', 'fingerprint':'string', 'validity_string': 'string', 'pubkey_algo_name':'string', 'hash_algo_name':'string', 'pka_address':'string', 'status_code':'number', 'timestamp':'number', 'exp_timestamp':'number', 'pka_trust':'number', 'validity':'number', 'validity_reason':'number', 'notations': 'object' }; /** * Keys and their value's type for the summary * @private */ const expSum = { 'valid': 'boolean', 'green': 'boolean', 'red': 'boolean', 'revoked': 'boolean', 'key-expired': 'boolean', 'sig-expired': 'boolean', 'key-missing': 'boolean', 'crl-missing': 'boolean', 'crl-too-old': 'boolean', 'bad-policy': 'boolean', 'sys-error': 'boolean', 'sigsum': 'object' }; /** * Keys and their value's type for notations objects * @private */ const expNote = { 'human_readable': 'boolean', 'critical':'boolean', 'name': 'string', 'value': 'string', 'flags': 'number' };